Archive

Is your online e-mail account secure, with a 25 character alpha-numeric complex password? If you say yes, then you might need to read through the rest of the article.

Sadly the answer is a no, not necessarily.

A person who gets access to your personal online accounts with a malicious intent without your knowledge is called a hacker. But the term is normally associated with a person far off somewhere who’s using complex tools and techniques with immense knowledge of computer science. No, he needn’t be all that. He could just as well be a disgruntled colleague or an estranged lover or a total stranger who you tagged as a friend on Facebook, who is looking to gain access to your online account with a malicious intent. And this malicious intent can be from having a peek into your personal emails or spamming your account to vent off their ire or deface your public content or even look at siphon off some money from your bank accounts.

And do you need complex tools and techniques to get illegal access to your account? No, it can be done without them, if you’re providing the access yourself. Welcome to the term, Social Engineering.

Social engineering was once a social science term according to Wikipedia, but more associated with computers and security in recent days. It is a defined as an act of manipulating people into performing actions or divulging confidential information. But this day and age, there is no need to manipulate a person to get personal information, because all your actions are online in the social media.

Vulnerabilities: Let’s see a small illustration. Every email account has a “Forgot your password?” facility, which is designed for the rightful owners in case they had forgotten their password. Most of them identify you by a security question. This is something not everyone pays attention to, and mistakenly keeps a very simple one. Say like, “What’s my dog’s name?” And if your Facebook or Twitter update yesterday said, “Fun time with my fluffy” along with a picture of you and your pet dog, then you just gave someone an easy ticket to your personal emails.

An access to your emails means a little more than just a chance to read your personal emails. Most email or even your Facebook account have a chat feature and retain your chat transcripts. Your online bank account details/passwords are all at stake if you had openly chatted about it with someone very close or even your family member. All the hacker needs to do is sift through your chat history and dig gold out of it, quite literally.

Preventive measures to safeguard: It is very easy to share information online, Facebook, Twitter or a million other sites which make it easy to do so. But take a judgement call on what’s worth sharing and what’s not. It is not advisable to share what they call PII or Personally Identifiable Information. Likewise, it is not advisable to place very easily accessible information like your pet names as Security questions. Most online accounts provide facility to track usage through mobile phones, record new activity, log usage from new machines, etc… Make the best use of them.

Be proactive while adding friends on Social networking sites; Classify between friends and total strangers. When you’re sharing information on social media, be sure to choose your target audience and share it only with who needs know. If you’re a very active user of such social media, then spend some time to read about the safety and security features of the website. And in any case of suspicious activity on your account, proactively report it to the website administrators.

When technology leaps two steps to help humanity, it also enables certain elements leap four steps to harm us. Ignorance is never bliss; it does more harm than imagined.